Cyber & IT Supervisory Forum - Additional Resources

CYBERSECURITY OF AI AND STANDARDISATION

A ANNEX:

A.1 SELECTION OF ISO 27000 SERIES STANDARDS RELEVANT TO THE CYBERSECURITY OF AI

| Name | Document Reference |
|---|---|
| Information technology – Security techniques – Information security incident management – Part 1: Principles of incident management | ISO/IEC 27035-1:2016 |
| Information technology – Security techniques – Information security incident management – Part 2: Guidelines to plan and prepare for incident response | ISO/IEC 27035-2:2017 |
| Information technology – Information security incident management – Part 3: Guidelines for ICT incident response operations | ISO/IEC 27035-3:2020 |
| Information technology – Security techniques – Guidelines for cybersecurity | ISO/IEC 27032:2012 |
| Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity | ISO/IEC 27031:2011 |
| Information technology – Security techniques – Mapping the revised editions of ISO/IEC 27001 and ISO/IEC 27002 | ISO/IEC TR 27023:2015 |
| Information technology – Guidance on information security management system processes | ISO/IEC TS 27022:2021 |
| Information technology – Security techniques – Competence requirements for information security management systems professionals – Amendment 1: Addition of ISO/IEC 27001:2013 clauses or subclauses to competence requirements | ISO/IEC 27021:2017/AMD 1:2021 |
| Information technology – Security techniques – Competence requirements for information security management systems professionals | ISO/IEC 27021:2017 |
| Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services | ISO/IEC 27017:2015 |
| Information technology – Security techniques – Information security management – Organizational economics | ISO/IEC TR 27016:2014 |
| Information security, cybersecurity and privacy protection – Governance of information security | ISO/IEC 27014:2020 |
| Information security, cybersecurity and privacy protection – Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 | ISO/IEC 27013:2021 |
| Information technology – Security techniques – Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations – Technical Corrigendum 1 | ISO/IEC 27011:2016/Cor 1:2018 |
| Information technology – Security techniques – Information security management for inter-sector and inter-organizational communications | ISO/IEC 27010:2015 |
| Information technology – Security techniques – Guidelines for the assessment of information security controls | ISO/IEC TS 27008:2019 |
